-
Notifications
You must be signed in to change notification settings - Fork 323
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add PKCE (OAuth) #891
Conversation
Co-authored-by: Stojan Dimitrovski <sdimitrovski@gmail.com>
@J0 Can you please change the timestamp of the migration to be closer to today and also work with @kangmingtay to get this merged this week? |
@hf sure, let's change the migration timestamp at the end, once we are sure there are no further changes. I'll self review today and we can each do a final pass. Once we're all happy with where we're at with the PR we can merge. Upd: updated the timestamp |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for putting this together!
Thanks for the refactors! The code is cleaner to read now. Going to merge |
🎉 This PR is included in version 2.55.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
The corresponding client side implementation for: supabase/auth#891 Points of note: - We don't support `plain` as a method on the client side for now. Users can make use of `plain` on the server side endpoints if they wish. TODO: - [x] Add support for devices without a `window` After PR: - Update reference spec with example on how to use PKCE --------- Co-authored-by: joel@joellee.org <joel@joellee.org> Co-authored-by: Stojan Dimitrovski <sdimitrovski@gmail.com> Co-authored-by: Kang Ming <kang.ming1996@gmail.com>
What kind of change does this PR introduce?
Adds POC for PKCE on Server Side.
Key points
userID
onoauthState
is not set as a foreign key as it is not set until the identity is created in the callback. Therefore, it could be null and is not set as a foreign key.What is the current behavior?
We use the implicit flow.
What is the new behavior?
We will use the PKCE flow.
Additional context
You may wish to view the end to end test on
external_github_test.go
before looking into the detailsShort demo: https://share.cleanshot.com/Rf3bPR6t